Weekly Update

How mobile payments providers can face privacy hurdles

The hype surrounding mobile payments seems to grow greater by the day. In just the last week, Dunkin’ Donuts launched a QR-based payment app, McDonald’s unveiled a partnership with PayPal to accept mobile transactions in 30 outlets in France, and Braintree spent $26.2 million to acquire Venmo, which powers person-to-person payments. Meanwhile, Juniper Research predicted mobile payments will grow four-fold over the next five years to become a $1.3 trillion industry by 2017.

As the industry gets its legs, though, it will have to deal with some major challenges regarding consumer privacy. I was reminded of that as I read this recent piece from CIO.com urging users to avoid using a high-profile mobile payment system being developed by a consortium of retailers including Best Buy, Wal-Mart and Target. Writer Bill Snyder argues that Merchant Customer Exchange (MCX), as it is dubbed, “is just an invitation to get hacked and share personal data with marketers, spammers and cops.”

Targeted ads will drive mobile payments

That’s as true of MCX as it is of every other payment system coming to market, of course, because advertising dollars will be necessary to support the concept of a mobile wallet. Using a phone rather than cash or a credit card to pay for goods and services offers no real value to consumers, as I’ve argued before, so users simply won’t pay extra for the privilege. Instead, payment systems will have to offer discounts, loyalty programs and other goodies to lure consumers. So ads will be a fundamental component of MCX, PayPal, Google Wallet, the carrier-backed Isis and every other wanna-be in the space.

The business models for these payment systems will be extremely complex, involving everyone from retailers and transaction companies, marketing agencies, app developers and perhaps the carriers themselves. And because the highly targeted ads are the most lucrative, these systems will accrue an enormous amount of data about their users. Grocery-store membership programs can track the basic shopping behavior of their users, but mobile payment systems will be able to leverage that kind of information from dozens of retail partners, monitoring not just what users buy but also when and where they shop. And you can bet that some players in the space will try to find ways to combine all that information with data like contact lists and location history – you know, the kind of stuff that many app developers are allegedly gleaning surreptitiously even in these early days of mobile marketing. Additionally, those payment systems will have access to the highly sensitive bank and credit card accounts of their users.

What it will mean

The rise of location-based ads is likely to be the next big controversy in mobile, as I discussed at length in a GigaOM Pro report on mobile privacy published last week. “Closing the loop” by enabling mobile payments will only make things more complicated because it will create so much more consumer data to be exploited. So it will be incumbent on players in that space to make sure that demographic data is anonymized, and that financial information is absolutely locked down. While social features are sure to play a big role in mobile payments, providers must learn from Facebook’s mistakes with Beacon and never broadcast their users’ purchases without specifically getting permission beforehand. And those providers must constantly educate their users about what kind of consumer data they use, who they share it with and why.

I’m still skeptical that mobile payments will see the kind of rapid uptake Juniper Research forecasts, but they’re certain to see increased traction in the coming decade. But the space is already crowded with several heavyweights, and we’re likely to see more emerge as the industry evolves. We won’t see many winners in each market, because consumers won’t download a half-dozen apps or more, using each one based on where they’re shopping. The winners will not only forge the right partnerships, they will ensure their users’ financial data is absolutely secure. Almost as importantly, they will make sure their users understand the value proposition behind sharing things like location information and shopping habits. Mobile payments is already a cutthroat industry, which means consumers have plenty of options to choose from.